#include <sp_hash_shake.h>

Inheritance diagram for Botan::Sphincs_Hash_Functions_Shake:

Public Member Functions
std::tuple< SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex >	H_msg (StrongSpan< const SphincsMessageRandomness > r, const SphincsTreeNode &root, const SphincsMessageInternal &message)

std::string	msg_hash_function_name () const override

void	PRF (StrongSpan< ForsLeafSecret > out, const SphincsSecretSeed &sk_seed, const Sphincs_Address &address)

void	PRF (StrongSpan< WotsNode > out, const SphincsSecretSeed &sk_seed, const Sphincs_Address &address)

void	PRF_msg (StrongSpan< SphincsMessageRandomness > out, StrongSpan< const SphincsSecretPRF > sk_prf, StrongSpan< const SphincsOptionalRandomness > opt_rand, const SphincsMessageInternal &msg) override

	Sphincs_Hash_Functions_Shake (const Sphincs_Parameters &sphincs_params, const SphincsPublicSeed &pub_seed)

template<typename OutT = std::vector<uint8_t>, typename... BufferTs>
OutT	T (const Sphincs_Address &address, BufferTs &&... in)

template<typename... BufferTs>
void	T (std::span< uint8_t > out, const Sphincs_Address &address, BufferTs &&... in)

Static Public Member Functions
static std::unique_ptr< Sphincs_Hash_Functions >	create (const Sphincs_Parameters &sphincs_params, const SphincsPublicSeed &pub_seed)

Protected Attributes
const SphincsPublicSeed &	m_pub_seed

const Sphincs_Parameters &	m_sphincs_params

Detailed Description

Implementation of SLH-DSA hash function abstraction for SHAKE256

Definition at line 21 of file sp_hash_shake.h.

Constructor & Destructor Documentation

◆ Sphincs_Hash_Functions_Shake()

Botan::Sphincs_Hash_Functions_Shake::Sphincs_Hash_Functions_Shake	(	const Sphincs_Parameters &	sphincs_params,
		const SphincsPublicSeed &	pub_seed )

inline

Definition at line 43 of file sp_hash_shake.h.

                                                                                                                :
            Sphincs_Hash_Functions(sphincs_params, pub_seed),
            m_seeded_hash(sphincs_params.n() * 8),
            m_hash(sphincs_params.n() * 8),
            m_h_msg_hash(8 * sphincs_params.h_msg_digest_bytes()) {
         m_seeded_hash.update(m_pub_seed);
      }

References Botan::Sphincs_Hash_Functions::m_pub_seed, and Botan::Buffered_Computation::update().

Member Function Documentation

◆ create()

std::unique_ptr< Sphincs_Hash_Functions > Botan::Sphincs_Hash_Functions::create	(	const Sphincs_Parameters &	sphincs_params,
		const SphincsPublicSeed &	pub_seed )

staticinherited

Creates a Sphincs_Hash_Functions object instantiating the hash functions used for the specified sphincs_params. The pub_seed is used to seed the hash functions (possibly padded). This is pre-computed and the respective state is copied on the further calls on H(seed) with tweak_hash, i.e., T and PRF.

Definition at line 34 of file sp_hash.cpp.

                                                                                                          {
   switch(sphincs_params.hash_type()) {
      case Sphincs_Hash_Type::Sha256:
#if defined(BOTAN_HAS_SPHINCS_PLUS_SHA2_BASE)
         return std::make_unique<Sphincs_Hash_Functions_Sha2>(sphincs_params, pub_seed);
#else
         throw Not_Implemented("SLH-DSA (or SPHINCS+) with SHA-256 is not available in this build");
#endif
 
      case Sphincs_Hash_Type::Shake256:
#if defined(BOTAN_HAS_SPHINCS_PLUS_SHAKE_BASE)
         return std::make_unique<Sphincs_Hash_Functions_Shake>(sphincs_params, pub_seed);
#else
         throw Not_Implemented("SLH-DSA (or SPHINCS+) with SHAKE is not available in this build");
#endif
 
      case Sphincs_Hash_Type::Haraka:
         throw Not_Implemented("Haraka is not implemented");
   }
   BOTAN_ASSERT_UNREACHABLE();
}

References BOTAN_ASSERT_UNREACHABLE, Botan::Haraka, Botan::Sphincs_Parameters::hash_type(), Botan::Sha256, and Botan::Shake256.

Referenced by Botan::SphincsPlus_PrivateKey::SphincsPlus_PrivateKey().

◆ H_msg()

std::tuple< SphincsHashedMessage, XmssTreeIndexInLayer, TreeNodeIndex > Botan::Sphincs_Hash_Functions::H_msg	(	StrongSpan< const SphincsMessageRandomness >	r,
		const SphincsTreeNode &	root,
		const SphincsMessageInternal &	message )

inherited

Definition at line 78 of file sp_hash.cpp.

                                                                                                                     {
   const auto digest = H_msg_digest(r, root, message);
 
   // The following calculates the message digest and indices from the
   // raw message digest. See FIPS 205, Algorithm 19, Line 5-10.
   const auto& p = m_sphincs_params;
   BufferSlicer s(digest);
   auto msg_hash = s.copy<SphincsHashedMessage>(p.fors_message_bytes());
   auto tree_index_bytes = s.take(p.tree_digest_bytes());
   auto leaf_index_bytes = s.take(p.leaf_digest_bytes());
   BOTAN_ASSERT_NOMSG(s.empty());
 
   auto tree_index = from_first_n_bits<XmssTreeIndexInLayer>(p.h() - p.xmss_tree_height(), tree_index_bytes);
   auto leaf_index = from_first_n_bits<TreeNodeIndex>(p.xmss_tree_height(), leaf_index_bytes);
   return {std::move(msg_hash), tree_index, leaf_index};
}

References BOTAN_ASSERT_NOMSG, Botan::BufferSlicer::copy(), Botan::BufferSlicer::empty(), Botan::Sphincs_Hash_Functions::H_msg_digest(), Botan::Sphincs_Hash_Functions::m_sphincs_params, Botan::root(), and Botan::BufferSlicer::take().

◆ msg_hash_function_name()

std::string Botan::Sphincs_Hash_Functions_Shake::msg_hash_function_name ( ) const

inlineoverridevirtual

Implements Botan::Sphincs_Hash_Functions.

Definition at line 62 of file sp_hash_shake.h.

62{ return m_h_msg_hash.name(); }

Botan::SHAKE_256::name

std::string name() const override

Definition shake.cpp:49

References Botan::SHAKE_256::name().

◆ PRF() [1/2]

void Botan::Sphincs_Hash_Functions::PRF	(	StrongSpan< ForsLeafSecret >	out,
		const SphincsSecretSeed &	sk_seed,
		const Sphincs_Address &	address )

inlineinherited

Definition at line 70 of file sp_hash.h.

                                                                                                                 {
         T(out, address, sk_seed);
      }

References T.

Referenced by Botan::fors_sign_and_pkgen(), and Botan::wots_sign_and_pkgen().

◆ PRF() [2/2]

void Botan::Sphincs_Hash_Functions::PRF	(	StrongSpan< WotsNode >	out,
		const SphincsSecretSeed &	sk_seed,
		const Sphincs_Address &	address )

inlineinherited

Definition at line 74 of file sp_hash.h.

                                                                                                           {
         T(out, address, sk_seed);
      }

References T.

◆ PRF_msg()

void Botan::Sphincs_Hash_Functions_Shake::PRF_msg	(	StrongSpan< SphincsMessageRandomness >	out,
		StrongSpan< const SphincsSecretPRF >	sk_prf,
		StrongSpan< const SphincsOptionalRandomness >	opt_rand,
		const SphincsMessageInternal &	msg )

inlineoverridevirtual

Using SK.PRF, the optional randomness, and a message, computes the message random R, and the tree and leaf indices.

Parameters

out	output location for the message hash
sk_prf	SK.PRF
opt_rand	optional randomness
msg	message

Implements Botan::Sphincs_Hash_Functions.

Definition at line 51 of file sp_hash_shake.h.

                                                               {
         m_hash.update(sk_prf);
         m_hash.update(opt_rand);
         m_hash.update(msg.prefix);
         m_hash.update(msg.message);
         m_hash.final(out);
      }

References Botan::Buffered_Computation::final(), Botan::SphincsMessageInternal::message, Botan::SphincsMessageInternal::prefix, and Botan::Buffered_Computation::update().

◆ T() [1/2]

template<typename OutT = std::vector<uint8_t>, typename... BufferTs>

OutT Botan::Sphincs_Hash_Functions::T	(	const Sphincs_Address &	address,
		BufferTs &&...	in )

inlineinherited

Definition at line 64 of file sp_hash.h.

                                                               {
         OutT t(m_sphincs_params.n());
         T(t, address, std::forward<BufferTs>(in)...);
         return t;
      }

References T.

◆ T() [2/2]

template<typename... BufferTs>

void Botan::Sphincs_Hash_Functions::T	(	std::span< uint8_t >	out,
		const Sphincs_Address &	address,
		BufferTs &&...	in )

inlineinherited

Definition at line 57 of file sp_hash.h.

                                                                                     {
         auto& hash = tweak_hash(address, (std::forward<BufferTs>(in).size() + ...));
         (hash.update(std::forward<BufferTs>(in)), ...);
         hash.final(out);
      }

Referenced by Botan::compute_root(), Botan::fors_public_key_from_signature(), Botan::fors_sign_and_pkgen(), Botan::ht_verify(), Botan::treehash(), and Botan::wots_sign_and_pkgen().

Member Data Documentation

◆ m_pub_seed

const SphincsPublicSeed& Botan::Sphincs_Hash_Functions::m_pub_seed

protectedinherited

Definition at line 103 of file sp_hash.h.

Referenced by Sphincs_Hash_Functions_Shake().

◆ m_sphincs_params

const Sphincs_Parameters& Botan::Sphincs_Hash_Functions::m_sphincs_params

protectedinherited

Definition at line 102 of file sp_hash.h.

Referenced by Botan::Sphincs_Hash_Functions::H_msg().

The documentation for this class was generated from the following file:

src/lib/pubkey/sphincsplus/sphincsplus_common/sphincsplus_shake_base/sp_hash_shake.h

Public Member Functions

Static Public Member Functions

Protected Attributes

Detailed Description

Constructor & Destructor Documentation

◆ Sphincs_Hash_Functions_Shake()

Member Function Documentation

◆ create()

◆ H_msg()

◆ msg_hash_function_name()

◆ PRF() [1/2]

◆ PRF() [2/2]

◆ PRF_msg()

◆ T() [1/2]

◆ T() [2/2]

Member Data Documentation

◆ m_pub_seed

◆ m_sphincs_params